CVE-2019-9082 Information

Description

ThinkPHP before 3.2.4 as used in Open Source BMS v1.1.1 and other products allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html
https://github.com/xiayulei/open_source_bms/issues/33
https://www.exploit-db.com/exploits/46488/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

9.8

Base Severity

HIGH

Hosts Detected Exploiting Vulnerability in the Wild

